Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/323830363a3363633a3a2f33322d3332203d3e20323635353233.roa
File:                     323830363a3363633a3a2f33322d3332203d3e20323635353233.roa (raw, json)
Hash identifier:          JQ8peqGMQsUBFx/Te36/FoLPkIhKD1az7TsMWmp5RFM=
Subject key identifier:   8A:73:D6:51:9D:DD:A8:08:C3:53:4E:FB:2E:6F:98:2F:EE:F0:6D:51
Certificate issuer:       /CN=914352F6071C82AE424F2740F43122F9D595BDB5
Certificate serial:       1C70F66D176CEAF435C828449291BA0ADB091B48
Authority key identifier: 91:43:52:F6:07:1C:82:AE:42:4F:27:40:F4:31:22:F9:D5:95:BD:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/914352F6071C82AE424F2740F43122F9D595BDB5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/323830363a3363633a3a2f33322d3332203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 17:40:22 +0000
ROA not before:           Tue 05 Mar 2024 17:35:22 +0000
ROA not after:            Tue 04 Mar 2025 17:40:22 +0000
asID:                     265523
IP address blocks:        2806:3cc::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/914352F6071C82AE424F2740F43122F9D595BDB5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/914352F6071C82AE424F2740F43122F9D595BDB5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/914352F6071C82AE424F2740F43122F9D595BDB5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 25 Jul 2024 06:55:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:70:f6:6d:17:6c:ea:f4:35:c8:28:44:92:91:ba:0a:db:09:1b:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=914352F6071C82AE424F2740F43122F9D595BDB5
        Validity
            Not Before: Mar  5 17:35:22 2024 GMT
            Not After : Mar  4 17:40:22 2025 GMT
        Subject: CN=8A73D6519DDDA808C3534EFB2E6F982FEEF06D51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:30:ed:5c:a4:00:62:ce:3b:5c:b7:6c:56:e0:
                    d5:8e:ce:b8:4d:c6:2d:96:1e:e3:ce:d5:d6:2e:9c:
                    bb:ff:86:5b:12:80:31:12:68:31:c6:e6:b3:0a:bf:
                    cd:dc:d7:49:ac:51:7b:c4:00:f8:ee:f2:82:3f:b8:
                    4d:37:a9:24:2c:0d:97:ff:25:49:c2:27:a3:f6:90:
                    79:b7:9c:6e:dc:4f:a2:2c:42:e8:34:11:4d:1a:25:
                    8b:c1:45:4b:f2:e3:98:ab:8d:34:fc:8c:66:9e:1c:
                    8a:ed:b8:81:e2:38:cb:f7:5b:50:cb:8e:b6:b0:a4:
                    72:c8:d3:2a:b1:86:d8:a0:10:13:21:4c:b4:c5:70:
                    35:91:35:4d:84:f1:d4:52:4a:dc:19:fb:aa:54:c1:
                    77:bf:25:bf:ff:46:19:88:76:3f:99:38:65:32:3c:
                    4a:0d:34:ee:c7:6a:d7:25:fd:d1:2e:4d:3f:f7:df:
                    56:2d:44:2d:66:b4:71:bc:2c:c5:9a:6b:e1:1e:b1:
                    4e:77:78:9f:6f:05:77:44:e6:4e:90:94:f8:f9:46:
                    18:78:18:eb:a2:18:19:fe:af:a9:d5:da:ed:5f:fa:
                    ee:02:7d:5c:75:58:19:06:c6:1b:ff:99:21:c7:fc:
                    6a:47:6b:86:6e:43:b1:17:98:12:0a:72:ad:af:e9:
                    c4:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:73:D6:51:9D:DD:A8:08:C3:53:4E:FB:2E:6F:98:2F:EE:F0:6D:51
            X509v3 Authority Key Identifier:
                keyid:91:43:52:F6:07:1C:82:AE:42:4F:27:40:F4:31:22:F9:D5:95:BD:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/914352F6071C82AE424F2740F43122F9D595BDB5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/914352F6071C82AE424F2740F43122F9D595BDB5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A7E78F5A27E21658A040D41B16F6AC7D4AD5982A5B5E92C559FB0D9143E9172C/0/323830363a3363633a3a2f33322d3332203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:3cc::/32

    Signature Algorithm: sha256WithRSAEncryption
         7c:26:b9:d5:78:e9:3b:53:ed:c4:f3:60:3b:e0:af:01:8b:4a:
         bf:37:26:05:5d:6e:2f:7d:f2:55:61:25:3e:c6:d4:b0:d7:a5:
         96:c9:a0:18:9b:5e:1e:92:94:2a:32:c3:96:cf:59:0d:47:7d:
         e6:ca:4b:b0:2d:70:30:77:11:30:fb:23:f8:dc:a6:bd:8c:20:
         a0:fb:8e:0d:1a:0d:69:da:5c:50:87:17:94:7d:28:04:10:44:
         7a:e2:29:f1:5d:cc:72:b4:f9:33:f7:4c:4f:33:9a:e7:d4:63:
         d8:2e:2c:5b:b6:ab:73:b1:ce:ae:d5:e4:a6:9a:d7:2a:01:68:
         fd:77:d9:24:27:24:1a:0d:88:18:7b:c5:17:ad:20:71:e0:4b:
         f2:d5:bb:dd:05:c4:3a:da:55:fc:9a:20:71:6c:ee:c2:70:d1:
         7b:8c:5c:92:de:37:bf:f9:a1:79:9c:f6:d7:14:59:a4:1a:c4:
         c3:c4:10:85:07:ae:a7:34:81:d1:b2:cf:d7:03:4c:1b:30:28:
         20:2b:e6:05:1a:cf:c0:79:76:4e:de:4f:3a:57:34:20:53:b4:
         6d:15:18:27:79:65:90:b5:f0:c1:a4:5e:d2:44:3d:2e:c0:6b:
         c5:5e:b3:9a:2b:c4:5b:1f:7b:96:31:96:22:4b:a9:9a:0e:b4:
         54:c1:fe:0d
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUHHD2bRds6vQ1yChEkpG6CtsJG0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE0MzUyRjYwNzFDODJBRTQyNEYyNzQwRjQzMTIyRjlE
NTk1QkRCNTAeFw0yNDAzMDUxNzM1MjJaFw0yNTAzMDQxNzQwMjJaMDMxMTAvBgNV
BAMTKDhBNzNENjUxOUREREE4MDhDMzUzNEVGQjJFNkY5ODJGRUVGMDZENTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxMO1cpABizjtct2xW4NWOzrhN
xi2WHuPO1dYunLv/hlsSgDESaDHG5rMKv83c10msUXvEAPju8oI/uE03qSQsDZf/
JUnCJ6P2kHm3nG7cT6IsQug0EU0aJYvBRUvy45irjTT8jGaeHIrtuIHiOMv3W1DL
jrawpHLI0yqxhtigEBMhTLTFcDWRNU2E8dRSStwZ+6pUwXe/Jb//RhmIdj+ZOGUy
PEoNNO7Hatcl/dEuTT/331YtRC1mtHG8LMWaa+EesU53eJ9vBXdE5k6QlPj5Rhh4
GOuiGBn+r6nV2u1f+u4CfVx1WBkGxhv/mSHH/GpHa4ZuQ7EXmBIKcq2v6cQ7AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUinPWUZ3dqAjDU077Lm+YL+7wbVEwHwYDVR0j
BBgwFoAUkUNS9gccgq5CTydA9DEi+dWVvbUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BN0U3OEY1QTI3RTIxNjU4QTA0MEQ0MUIxNkY2QUM3RDRB
RDU5ODJBNUI1RTkyQzU1OUZCMEQ5MTQzRTkxNzJDLzAvOTE0MzUyRjYwNzFDODJB
RTQyNEYyNzQwRjQzMTIyRjlENTk1QkRCNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85MTQzNTJGNjA3MUM4MkFFNDI0
RjI3NDBGNDMxMjJGOUQ1OTVCREI1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTdFNzhGNUEyN0UyMTY1OEEwNDBENDFCMTZGNkFDN0Q0QUQ1OTgyQTVC
NUU5MkM1NTlGQjBEOTE0M0U5MTcyQy8wLzMyMzgzMDM2M2EzMzYzNjMzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNTMyMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgPMMA0G
CSqGSIb3DQEBCwUAA4IBAQB8JrnVeOk7U+3E82A74K8Bi0q/NyYFXW4vffJVYSU+
xtSw16WWyaAYm14ekpQqMsOWz1kNR33mykuwLXAwdxEw+yP43Ka9jCCg+44NGg1p
2lxQhxeUfSgEEER64inxXcxytPkz90xPM5rn1GPYLixbtqtzsc6u1eSmmtcqAWj9
d9kkJyQaDYgYe8UXrSBx4Evy1bvdBcQ62lX8miBxbO7CcNF7jFyS3je/+aF5nPbX
FFmkGsTDxBCFB66nNIHRss/XA0wbMCggK+YFGs/AeXZO3k86VzQgU7RtFRgneWWQ
tfDBpF7SRD0uwGvFXrOaK8RbH3uWMZYiS6maDrRUwf4N
-----END CERTIFICATE-----
Generated at Sun Jul 21 14:12:37 2024 by rpki-client on console-fra.rpki-client.org